Spring Oauth2客户端凭证流示例。

时间:2022-07-07 15:22:23

I am trying to implement service to service security into spring boot services using spring oauth2. I want a service to access a secured resource of another service without any user action involved.

我正在尝试使用spring oauth2实现服务安全性到spring引导服务。我希望服务能够访问另一个服务的安全资源,而不涉及任何用户操作。

There are a lot of examples for authorization code grant type, but not very much about the client credentials grant type, which seems to be the right one for this use case.

有很多授权代码授予类型的例子,但不是很多关于客户端凭证的类型,这似乎是这个用例的正确选项。

I can set up the auth server and use a curl request to get a token. The tests I found used Http Objects to check status codes.

我可以设置auth服务器并使用curl请求来获取令牌。我发现的测试使用Http对象来检查状态码。

How can I use the client credentials grant type in a java client with RestTemplate and spring oauth2?

如何在具有RestTemplate和spring oauth2的java客户端中使用客户端凭证授权类型?

I would think it must be as simple as adding a dependency, an annotation and a config file, yet I can't make it run.

我认为它必须像添加依赖项、注释和配置文件一样简单,但是我不能让它运行。

1 个解决方案

#1


0  

Its quit simple.

放弃也很简单。

  1. Create a Config Class whitch is annotated with @Configutration
  2. 创建配置类whitch用@Configutration注释。
  3. In this Class create a Bean Of type OAuth2ProtectedResourceDetails (interface) and create a ClientCredentialsResourceDetails Object in that method. Add your values to it and return it.
  4. 在这个类中,创建一个OAuth2ProtectedResourceDetails(接口)的Bean,并在该方法中创建一个ClientCredentialsResourceDetails对象。将您的值添加到它并返回它。
  5. Create a second Bean of type OAuth2RestTemplate in the Configuration Class and create in that method a DefaultOAuth2ClientContext object with the default Constructor. Than create a OAuth2RestTemplate and add the OAuth2ProtectedResourceDetails bean and the DefaultOAuth2ClientContext object to it. Subsequently return the OAuth2RestTemplate Object.
  6. 在Configuration类中创建一个OAuth2RestTemplate类型的第二个Bean,并在该方法中创建一个带有默认构造函数的DefaultOAuth2ClientContext对象。创建OAuth2RestTemplate并添加OAuth2ProtectedResourceDetails bean和DefaultOAuth2ClientContext对象。随后返回OAuth2RestTemplate对象。
  7. Add it with @Autowired in your Controller Classes and Service implementations to use it.
  8. 在您的控制器类和服务实现中添加@Autowired来使用它。

#1


0  

Its quit simple.

放弃也很简单。

  1. Create a Config Class whitch is annotated with @Configutration
  2. 创建配置类whitch用@Configutration注释。
  3. In this Class create a Bean Of type OAuth2ProtectedResourceDetails (interface) and create a ClientCredentialsResourceDetails Object in that method. Add your values to it and return it.
  4. 在这个类中,创建一个OAuth2ProtectedResourceDetails(接口)的Bean,并在该方法中创建一个ClientCredentialsResourceDetails对象。将您的值添加到它并返回它。
  5. Create a second Bean of type OAuth2RestTemplate in the Configuration Class and create in that method a DefaultOAuth2ClientContext object with the default Constructor. Than create a OAuth2RestTemplate and add the OAuth2ProtectedResourceDetails bean and the DefaultOAuth2ClientContext object to it. Subsequently return the OAuth2RestTemplate Object.
  6. 在Configuration类中创建一个OAuth2RestTemplate类型的第二个Bean,并在该方法中创建一个带有默认构造函数的DefaultOAuth2ClientContext对象。创建OAuth2RestTemplate并添加OAuth2ProtectedResourceDetails bean和DefaultOAuth2ClientContext对象。随后返回OAuth2RestTemplate对象。
  7. Add it with @Autowired in your Controller Classes and Service implementations to use it.
  8. 在您的控制器类和服务实现中添加@Autowired来使用它。